setup_superfinderxt.exe

FSL - FreeSoftLand

The program is a setup application that uses the Inno Setup installer. The file has been seen being downloaded from passthrough.fw-notify.net and multiple other hosts.
Publisher:
FSL - FreeSoftLand

MD5:
5ddff80cf7d81e34d90e1a359ca10b11

SHA-1:
11dc368582e7055cbc19d9b1a8a30b2f6e2e3601

SHA-256:
d3cc5707c11d60a0f7e07cfec05694eb4e38f64c5f9f286ff763e9e6ae5bc361

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/26/2024 1:04:00 AM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Trojan.Win32.Generic.133A0778!322570104
23.00.65.14511

File size:
4.9 MB (5,184,839 bytes)

File type:
Executable application (Win32 EXE)

Installer:
Inno Setup

Language:
Language Neutral

Common path:
C:\users\{user}\downloads\setup_superfinderxt.exe

File PE Metadata
Compilation timestamp:
6/20/1992 12:22:17 AM

OS version:
1.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.25

CTPH (ssdeep):
98304:PPWWp9Nve72e4sHdDKPB9+rTyspOkfPedjhr1ie0g5Rte1y04hKH71xy333:3WL2Bad2PB9wjXfPe1ie0g5Rte1H4hKE

Entry address:
0x9C40

Entry point:
55, 8B, EC, 83, C4, C4, 53, 56, 57, 33, C0, 89, 45, F0, 89, 45, DC, E8, 86, 94, FF, FF, E8, 8D, A6, FF, FF, E8, 1C, A9, FF, FF, E8, 53, C9, FF, FF, E8, 9A, C9, FF, FF, E8, C9, F2, FF, FF, E8, 30, F4, FF, FF, 33, C0, 55, 68, FC, A2, 40, 00, 64, FF, 30, 64, 89, 20, 33, D2, 55, 68, C5, A2, 40, 00, 64, FF, 32, 64, 89, 22, A1, 14, C0, 40, 00, E8, 96, FE, FF, FF, E8, C9, FA, FF, FF, 8D, 55, F0, 33, C0, E8, 83, CF, FF, FF, 8B, 55, F0, B8, E8, CD, 40, 00, E8, 32, 95, FF, FF, 6A, 02, 6A, 00, 6A, 01, 8B, 0D, E8, CD...
 
[+]

Entropy:
7.9980

Packer / compiler:
Inno Setup v5.x - Installer Maker

Code size:
37 KB (37,888 bytes)

The file setup_superfinderxt.exe has been discovered within the following program.

Super Finder XT 1.6.3.2  by FSL - FreeSoftLand
Publisher's description - “Super Finder XT is a replacement for Windows built-in search. Search files, folders and other data efficiently and easily. "True" search text in file (unicode also). Search for hexadecimal pattern in file Full wildcard support.”
fsl.sytes.net
7% remove it
 
Powered by Should I Remove It?

The file setup_superfinderxt.exe has been seen being distributed by the following 13 URLs.

http://passthrough.fw-notify.net/download/595695/http://d110.cdn.m6web.fr/soft/.../super-finder-xt_1-6-3-2_en_67018.exe

http://lb.cdn.m6web.fr/d/c/a/2b62c02f8aeffb0030734f575a0b4a8a/58408809/soft/.../super-finder-xt_1-6-3-2_en_67018.exe

http://lb.cdn.m6web.fr/d/c/a/46c95cc83d473a2bda844ad2f1937b79/57fe0679/soft/.../super-finder-xt_1-6-3-2_en_67018.exe

http://lb.cdn.m6web.fr/d/c/a/b7ab1e0eb9f0027da3e4ac7651eff57c/57cbc6c9/soft/.../super-finder-xt_1-6-3-2_en_67018.exe

http://lb.cdn.m6web.fr/d/c/a/9120efb48cf65fd2bac1a0e74073a538/5799c3b5/soft/.../super-finder-xt_1-6-3-2_en_67018.exe

Scan setup_superfinderxt.exe - Powered by Reason Core Security